<?php
# file that will process and save to allow user to login

# include of site functions
include_once $_SERVER["DOCUMENT_ROOT"].'Meet-n-go/php/includes.php'; 	// contains includes of all files with functions
session_start();					// starts session for current user
c_db_connect(); 					// connect to database


# make sure all data was entered


if(!isset($_POST['email']) || empty($_POST['email'])) i_set_msg_err('Empty name');
else{
	# TODO check email is in correct form
	
	$email = c_escape($_POST['email']); // escape before doing something with it
}

if(!isset($_POST['password']) || empty($_POST['password'])) i_set_msg_err('Empty password');
else{
	$pass = c_escape($_POST['password']); // escape before doing something with it
}

if( !has_errors() ){
	
	$query = "SELECT id FROM user WHERE email='$email' AND password='$pass'";
	$result = c_db_query($query);
	$nr_rows = mysql_num_rows($result);
	if($nr_rows == 0) i_set_msg_err('E-mail or password specified incorrectly');
	elseif($nr_rows != 1) i_set_msg_err('Incosistant data in database'); // two users with same email address
	else{
		// user was successfuly found
		$row = mysql_fetch_array($result); // get user ID from database
		$user_id = $row[0];
	
		$_SESSION['user_id'] = $user_id; // assign user id to session
	}
	
}

# Where to go after processing
if( has_errors() ) 	$page_id = I_MAIN_PAGE; // if there are erros, go back to login page
else 				$page_id = I_HOME_PAGE; // if there are no erros, go to home page


# code that makes sure, this page is being redirected from afterwards
echo '<head><meta http-equiv="refresh" content="0; url=../../../index.php?id=' . $page_id . '" /></head>';

c_db_disconnect(); 					// disconnect from database
?>